Skip to content

Commit

Permalink
box: add --box-impersonate to impersonate a user ID - fixes rclone#7267
Browse files Browse the repository at this point in the history
  • Loading branch information
ncw committed Sep 4, 2023
1 parent b33140d commit 6afd708
Showing 1 changed file with 23 additions and 0 deletions.
23 changes: 23 additions & 0 deletions backend/box/box.go
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,23 @@ func init() {
Default: "",
Help: "Only show items owned by the login (email address) passed in.",
Advanced: true,
}, {
Name: "impersonate",
Default: "",
Help: `Impersonate this user ID when using a service account.
Settng this flag allows rclone, when using a JWT service account, to
act on behalf of another user by setting the as-user header.
The user ID is the Box identifier for a user. User IDs can found for
any user via the GET /users endpoint, which is only available to
admins, or by calling the GET /users/me endpoint with an authenticated
user session.
See: https://developer.box.com/guides/authentication/jwt/as-user/
`,
Advanced: true,
Sensitive: true,
}, {
Name: config.ConfigEncoding,
Help: config.ConfigEncodingHelp,
Expand Down Expand Up @@ -262,6 +279,7 @@ type Options struct {
AccessToken string `config:"access_token"`
ListChunk int `config:"list_chunk"`
OwnedBy string `config:"owned_by"`
Impersonate string `config:"impersonate"`
}

// ItemMeta defines metadata we cache for each Item ID
Expand Down Expand Up @@ -451,6 +469,11 @@ func NewFs(ctx context.Context, name, root string, m configmap.Mapper) (fs.Fs, e
f.srv.SetHeader("Authorization", "Bearer "+f.opt.AccessToken)
}

// If using impersonate set an as-user header
if f.opt.Impersonate != "" {
f.srv.SetHeader("as-user", f.opt.Impersonate)
}

jsonFile, ok := m.Get("box_config_file")
boxSubType, boxSubTypeOk := m.Get("box_sub_type")

Expand Down

0 comments on commit 6afd708

Please sign in to comment.